KYC, the “Know Your Customer” rule, is a common method of user verification in connection with the start of said users use of financial services. KYC is the norm in cryptocurrencies and financial law, as professionals are required to make every effort to verify the identity, relevance and risk of maintaining business relationships with the customer. These procedures are also a measure for AML analysis, which is taking action which aim to prevent money laundering. How does KYC work? In which countries must NFT projects implement the KYC procedure? What does it require of us? We're writing about this below.

How does KYC work?

KYC processes are also used by various economic operators to ensure that their customers, agents or consultants are checked before they are given access to any financial resources. The “Know Your Client” principle (KYC) is a mandatory requirement for entities which deal with securities, bank accounts, etc.

What is included in KYC

The purpose of the provisions set out by the KYC is to prevent criminals from using businesses for money laundering and commiting other financial crimes. By linking KYC and AML, many companies understand their customers better and have the opportunity to verify the capital and payments they receive. This helps them manage risk responsibly and professionally. In principle, institutions formulate their KYC policies on the basis of the following four key elements:

• Customer Acceptance Policy
• Customer Identification Procedures,
• Monitoring of Transactions,
• Risk Management.

The financial law environment is quite rigorous and makes KYC a mandatory and key procedure for financial institutions and others, as KYC minimizes the risk of fraud by identifying suspicious information at the initial stage of account creation. The KYC policy defines a client as follows. A customer is:

• the person or entity that holds the account or is in a business relationship with the reporting entity;
• the person on whose behalf the account is held,
• the beneficiary of transactions carried out by professional intermediaries, such as exchange brokers, auditors or legal advisers,
• any person or entity associated with a financial transaction that may pose a significant reputational risk or other risk to a bank, i.e. a person performing a bank transfer or issuing a “trust” on a high-value request as a single transaction.

NFT and KYC

In NFT, KYC is an element that is dependent on a given country’s policies, but also on what type of NFT will be used. Each State decides on its own whether the creation of NFT requires implementation of KYC procedures. Below we present the most popular places in the world of cryptography, which we have systematized by legislation.

KYC and cryptocurrencies

Cryptocurrencies are seen as decentralized and anonymous funds. However, these benefits are also a challenge in preventing money laundering, as criminals see cryptocurrencies as an ideal means of using illegal capital. As a result, many financial institutions are looking for ways to impose KYC on cryptocurrency markets, requiring cryptocurrency platforms to verify their clients. Currently, most of the entities have implemented or are implementing KYC into their services. Exchanges are classified in accounting terms as “crypto-to-crypto” or “fiat-to-crypto”. As crypto-crypto exchanges do not deal with traditional currency, they do not feel the same pressure to apply KYC standards as stock exchanges which store traditional currency of any sort. If stock exchanges have a traditional currency in their offer, they are more pressured by states to implement the KYC rule. Countries which show great interest in NFT have already regulated this area. The United Arab Emirates, Estonia, Switzerland and the United Kingdom are places worth familiarizing yourself with if you want to start your NFT journey.

Dubai and NFT

At present, crypto assets in the United Arab Emirates have not been classified for their purpose, which could help to determine the law in this respect. Instead, the United Arab Emirates recognizes that it is necessary to specify how cryptocurrencies or NFT are actually used. For example, a crypto resource can be used as a token of use (in this case it will not be regulated as a financial product and it is probably not necessary to implement KYC), but with an awareness of its popularity it is considered to be traded for the purpose of making an investment. If, according to the country, the NFT is seen as a means of investment, it is an investment product, then it will be treated as a financial product, resulting in its regulation using the provisions regarding UAE securities (in this case, KYC needs to be implemented in the project). In Dubai and the United Arab Emirates, there is no single law which regulates NFT. Any use of NFT is analyzed in terms of its actual use. Although Abu Dhabi Global market (ADGM) as a free financial zone regulated the use of crypto assets as virtual assets, NFT does not fall within this definition. According to this law, “the virtual resource is not produced or guaranteed by any jurisdiction”. In summary, it should be pointed out that NFT is subject to KYC only if it is practically treated as an investment project. NFT is not subject to KYC if it is treated as a token of use only.

NFT and KYC in Estonia

Until 2020, it appeared that cryptocurrencies can enjoy freedom in Estonia in terms of legal regulation. This country has become the ideal place for businesses and business professionals who wanted to legally run a business based on blockchain technology and cryptocurrencies. The license issued by Estonia also provides the possibility to provide services throughout the EU. Do you need to obtain a license to implement your NFT project in Estonia? As a general rule, not until 2020! This was due to the fact that licenses were mandatory for virtual currency service providers. The law in this case describes virtual currencies as payment-based instruments such as Ether (ETH), Bitcoin (BTC), USDT and others.
According to case-law, the NFT did not cover the definition of virtual currencies, since each NFT provides a unique, limited or documented resource that allows for the use of specific items such as digital art. NFT is treated more as a property right, rather than a means of payment. That was the case in the past, but the 2020 amendment on the legislation
regarding anti-money laundering put all entities connected with NFT, ICO and decentralized exchanges into one group. Since then, KYC is a mandatory component in the implementation of NFT projects.

Switzerland – NFT are not securities

The situation in Switzerland is similar to that in the United Arab Emirates. When NFT is used as a means of payment and can be transferred or reinvested, the regulatory authority is required to implement KYC and AML procedures. If the NFT does not belong to the securities category and serves only as a guarantee of the “right of access” to the service or digital arts, there is no mandatory obligation to implement KYC and AML procedures. However, if the NFT can in any way be used as an investment, it is subject to the definition of securities.

Great Britain – mandatory compliance with KYC standards

In the UK, the procedural requirements determining whether the creation of a NFT project requires the implementation of the KYC and AML regulations were created by the RUSI (Royal United Services Institute), the UK's defense and security think tank. The institution itself was created in 1831 and is intended to ensure the security and efficient operation of the country’s finances. According to RUSI, NFT products:

• help guarantee an ownership record of any item by means of a digital element,
• give creators the ability to obtain royalties from copyrights,
• are mainly purchased using cryptocurrencies.

Unfortunately, RUSI points to the risks associated with NFT, which it defines as follows:

• NFT is purchased using cryptocurrencies, which are often used to commit financial crimes or for money laundering.
• There is a risk of hacking attacks on accounts of users who own NFT.
• As such, RUSI identifies NFT as a product that requires both KYC and AML procedures to be implemented and followed.

Summary

With KYC, we gain the ability to collect and analyze a lot of customer information. This helps protect them from financial crime and facilitates the exchange of information between companies and users. In addition, KYC is an aid to AML, as at an early stage it can identify an entity that is likely to be criminogenic. As countries are increasingly concerned about the bureaucracy and regulation of each sector, KYC is an element that everyone will need to familiarize themselves with sooner or later. Let us remember that NFT may have different applications, from collectors' products to gaming, or property rights to invest. Depending on their use, as well as the geographical and legislative elements, different provisions will apply. At the same time, we stress that it is useful to consult a professional legal adviser to help you comply with applicable laws before any actions connected with KYC, AML, or NFT are taken. This article does not constitute legal advice.